Archive for September 9th, 2017

Enlarge / Roughly translated, many parts of the Voynich Manuscript say that women should take a nice bath if they are feeling sick. Since its discovery in 1969, the 15th century Voynich Manuscript has been a mystery and a cult phenomenon . Full of handwriting in an unknown language or code, the book is heavily illustrated with weird pictures of alien plants, naked women, strange objects, and zodiac symbols. Now, history researcher and television writer Nicholas Gibbs appears to have cracked the code, discovering that the book is actually a guide to women’s health that’s mostly plagiarized from other guides of the era. Gibbs writes in the Times Literary Supplement that he was commissioned by a television network to analyze the Voynich Manuscript three years ago. Because the manuscript has been entirely digitized by Yale’s Beinecke Library , he could see tiny details in each page and pore over them at his leisure. His experience with medieval Latin and familiarity with ancient medical guides allowed him to uncover the first clues. After looking at the so-called code for a while, Gibbs realized he was seeing a common form of medieval Latin abbreviations, often used in medical treatises about herbs. “From the herbarium incorporated into the Voynich manuscript, a standard pattern of abbreviations and ligatures emerged from each plant entry,” he wrote. “The abbreviations correspond to the standard pattern of words used in the Herbarium Apuleius Platonicus – aq = aqua (water), dq = decoque / decoctio (decoction), con = confundo (mix), ris = radacis / radix (root), s aiij = seminis ana iij (3 grains each), etc.” So this wasn’t a code at all; it was just shorthand. The text would have been very familiar to anyone at the time who was interested in medicine. Read 6 remaining paragraphs | Comments

Equifax dumped dox on 143 million Americans (as well as lucky Britons and Canadians!), sat on the news for five weeks, let its execs sell millions in stock, and then unveiled an unpatched, insecure Wordpress site with an abusive license agreement where you could sign up for “free” credit monitoring for a year, in case someone used the immortal, immutable Social Security Number that Equifax lost control over to defraud you. (more…)

Two-factor authentication ( 2FA ) via SMS and a smartphone provides a heavy dose of additional security for your data, but as the US government declared last year, it’s not without its flaws. To fix that, the big four US mobile operators, Sprint, T-Mobile, Verizon and AT&T have formed a coalition called the Mobile Authentication Taskforce to come up with a new system. Working with app developers and others, they’ll explore the use of SIM card recognition, network-based authentication, geo-location, and other carrier-specific capabilities. The idea is to marry current 2FA with systems that “reduce mobile identity risks by analyzing data and activity patterns on a mobile network to predict, with a high degree of certainty, whether the user is who they say they are, ” according to the news release. The problem with SMS authentication is that skilled hackers have successfully hijacked SMS codes in the past, often simply by contacting the carrier and impersonating the victim. It also falls apart if thieves grab your smartphone along with your PC, gain access to your phone via malware, or just steal a glance at a 2FA message on your lockscreen. Through strong collaboration, the taskforce announced today has the potential to create impactful benefits for US customers by helping to decrease fraud and identity theft, and increase trust in online transactions. The system will be an open one that can work the four carriers and others. “We will be working closely with the taskforce to ensure this solution is aligned and interoperable with solutions deployed by operators, ” said Alex Sinclair, CTO of mobile industry group GSMA. The goal to improve 2FA security sounds like a noble one, but Congress, at the urging of carriers and ISPs, recently eliminated certain customer privacy protection rules. As such, consumer protection groups might have concerns about 2FA systems that could be used by operators to track customers, for example. The new system is supposed to arrive for “enterprises and customers in 2018, ” the group says. In the meantime, if you’re still not using two-factor authentication (SMS or otherwise), you really, really should be . Source: AT&T

Apparently, the folks over at Nerdist “spend every waking hour of every day wishing that Futurama was still on TV.” We’re big fans of the show, for sure, but we still spend a few hours during our days thinking of other things, like anime parodies and South Park , for instance. The Nerdist crew, however, has taken their rabid fandom to a whole new level. On September 14th, the team will debut a brand new Futurama episode as a radio play on the Nerdist podcast . The new one-shot will run long at 42 minutes and will feature the original cast in a story written by original Futurama writers. The podcast is sponsored by TinyCo’s Futurama: Worlds of Tomorrow , which already includes in-game content from the new storyline. The game is already a brand-new Futurama episode in itself, so finding even more bonus stuff from the upcoming story could be a ton of fun, as well. The new radio play will reunite Fry, Bender, Leela, Professor Farnsworth, Zoidberg, Amy and Hermes as they try to stop Klaxxon, a being made up of soundwaves from, wait for it, podcasts from the 21st century. The Planet Express team meets the evil creature on a routine mission to the deleted file planet, Junkleon 7. “Last year I cornered two fine gentlemen–Matt Groening & David X. Cohen–and pitched the idea of doing a new Futurama episode as a podcast/radio play because it’s one of my favorite things and I need more of it, ” said Nerdist ‘s Chris Hardwick in a statement. “Today I am drooling with unfiltered joy to say that a) it’s actually happening, b) I got to voice the villain (Klaxxon), and c) I’m a freaking head in a jar in Futurama: Worlds of Tomorrow , a game I’ve been feverishly playing since it came out. Galaxies of thanks to Matt, David and TinyCo for acquiescing to the maniacal ravings of a well-meaning fanboy.” Source: Nerdist

Elon Musk dropped a carefully cropped look at the SpaceX suit for astronauts on his Instagram a couple of weeks ago, and came back with a more revealing picture today. Modeled in front of the company’s Crew Dragon spacecraft , it gives a better idea of what we might be able to expect. It’s far sleeker than what we’ve seen in use from NASA until now, and as Musk noted previously, it apparently actually works. The flexible, padded joint areas look like they’ll give wearers a good range of motion, while the boots are relatively lightweight. That’s not surprising since, as TechCrunch notes, these are for use while inside the Dragon capsule or transferring to other vehicles where the environment is pressurized, not a long walk in the cold vacuum of space. There’s no word on when we’ll get our next pre-Mars trip fashion show, so enjoy this pic for now. Astronaut spacesuit next to Crew Dragon A post shared by Elon Musk (@elonmusk) on Sep 8, 2017 at 1:04pm PDT Source: Elon Musk (Instagram)

A day after announcing that hackers stole personal information tied to 143 million people in the US , Equifax’s response to the breach has come under scrutiny. Language on the website where people could find out if they were affected seemed to say that by signing up they would waive any right to join a class action suit against the company — something New York Attorney General Eric Schneiderman said is “unacceptable and unenforceable.” The company has since explained it does not apply to the data breach at all, but that hasn’t stopped misinformation from spreading. After conversations w my office, @Equifax has clarified its policy re: arbitration. We are continuing to closely review. pic.twitter.com/WcPZ9OqMcL — Eric Schneiderman (@AGSchneiderman) September 8, 2017 Equifax: In response to consumer inquiries, we have made it clear that the arbitration clause and class action waiver included in the Equifax and TrustedID Premier terms of use does not apply to this cybersecurity incident, Of course, considering the extent of what has leaked and the number of people affected, a hyperbolic reaction to anything surrounding this incident is understandable. Still, there are a few steps that people can and should take, now that we know someone has stolen more than enough information to perpetrate identity theft on a massive scale. Now that the language has been clarified, it appears legally clear to use Equifax’s website to check things out. Among Engadget staff, a few of us received notices that we aren’t among those impacted, but most weren’t so lucky. Still, there are questions about how secure the site itself is, since it requests the last six digits of each person’ social security number (and guessing first three isn’t as hard as you might think). Also, it doesn’t appear to work particularly well , responding to test and “gibberish” input with a claim that it’s part of the breach also. The best information on how to respond is available from the FTC . The government agency lays out solid next steps, like checking your credit report for any suspicious entries, as well as placing a freeze (there’s more advice on that here ) and/or fraud alert on your account with the major credit bureaus. This will make it harder for a thief to create a fake account for you and should force creditors to verify your identity. Finally, it’s important to file your taxes early, before a scammer potentially can. Source: Equifax , FTC

ugen shares a report from CNBC: Artificial Intelligence (AI) can now accurately identify a person’s sexual orientation by analyzing photos of their face, according to new research. The Stanford University study, which is set to be published in the Journal of Personality and Social Psychology and was first reported in The Economist, found that machines had a far superior “gaydar” when compared to humans. Slashdot reader randomlygeneratename adds: Researchers built classifiers trained on photos from dating websites to predict the sexual orientation of users. The best classifier used logistic regression over features extracted from a VGG-Face conv-net. The latter was done to prevent overfitting to background, non-facial information. Classical facial feature extraction also worked with a slight drop in accuracy. From multiple photos, they achieved an accuracy of 91% for men and 83% for women (and 81% / 71% for a single photo). Humans were only able to get 61% and 54%, respectively. One caveat is the paper mentions it only used Caucasian faces. The paper went on to discuss how this capability can be an invasion of privacy, and conjectured that other types of personal information might be detectable from photos. The source paper can be found here. Read more of this story at Slashdot.